8908545

System and Method for Handling TCP Performance in Network Access with Driver Initiated Application Tunnel

Published: December 9, 2014
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
15 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A method for improving Transmission Control Protocol (TCP) performance in network access, the method comprising: detecting an encapsulated outgoing data packet; processing a Point to Point Protocol (PPP) layer in the outgoing data packet to obtain routing information for establishing a connection to a Virtual Private Network (VPN) tunnel and to determine when the PPP layer encapsulates at least TCP and Internet Protocol (IP) layers of the outgoing data packet; and when the PPP layer encapsulates at least TCP and IP layers of the outgoing data packet: removing the PPP layer including the encapsulated TCP and IP layers from the outgoing data packet; and processing the outgoing data packet in accordance with a locally driven application protocol path comprising encapsulating data of the outgoing data packet with a Layer 7 header in place of the removed PPP layer, wherein the application protocol path is configured to act as a TCP proxy connection over the VPN tunnel; and the method further comprising: determining when the outgoing data packet does not include a PPP layer and processing the outgoing data packet in accordance with an access configuration path when the outgoing data packet does not include a PPP layer.

Plain English Translation

A method improves TCP performance in network access by optimizing VPN tunnel connections. When an outgoing data packet is detected, the method examines the Point-to-Point Protocol (PPP) layer. If the PPP layer encapsulates TCP and IP layers (meaning it's using a VPN tunnel), the method removes the PPP layer. Instead of using PPP, the method processes the packet using a locally-driven application protocol path. This path encapsulates the data with a Layer 7 header, acting as a TCP proxy connection over the VPN. If the outgoing packet doesn't have a PPP layer, it's processed via a standard access configuration path, bypassing the VPN tunnel optimization.
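The dispatch decision in claim 1, as an added Python example that is not code from the patent or its inventors. It assumes IPv4 and uncompressed RFC 1662 address/control bytes (`FF 03`) in front of the PPP protocol field; the function names and path labels are hypothetical, and the `ppp_other` outcome (PPP carrying something other than TCP/IP) is a case the claims do not address.

```python
import struct

PPP_ADDR_CTRL = b"\xff\x03"  # assumed uncompressed RFC 1662 address/control bytes
PPP_PROTO_IPV4 = 0x0021      # PPP protocol number for IPv4
IPPROTO_TCP = 6

def classify_outgoing(frame: bytes) -> dict:
    """Pick a path for one outgoing frame (path labels are hypothetical)."""
    if len(frame) < 4 or not frame.startswith(PPP_ADDR_CTRL):
        return {"path": "access_config"}          # no PPP layer present
    other = {"path": "ppp_other"}                 # PPP, but not TCP/IP: not covered by the claims
    (ppp_proto,) = struct.unpack_from("!H", frame, 2)
    ip = frame[4:]
    if ppp_proto != PPP_PROTO_IPV4 or len(ip) < 20 or ip[0] >> 4 != 4:
        return other
    ihl = (ip[0] & 0x0F) * 4
    (total_len,) = struct.unpack_from("!H", ip, 2)
    if ihl < 20 or ip[9] != IPPROTO_TCP or not ihl + 20 <= total_len <= len(ip):
        return other                              # also rejects truncated frames
    tcp = ip[ihl:total_len]
    data_off = (tcp[12] >> 4) * 4
    if not 20 <= data_off <= len(tcp):
        return other
    # Strip PPP + inner IP + inner TCP; keep only what a local TCP proxy needs.
    dst = (".".join(map(str, ip[16:20])), struct.unpack_from("!H", tcp, 2)[0])
    return {"path": "app_proxy", "dst": dst, "payload": tcp[data_off:]}

def build_sample(proto=IPPROTO_TCP, payload=b"GET / HTTP/1.1\r\n\r\n", ppp=True):
    """Constructed test frame; checksums left at zero and never validated."""
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, proto, 0,
                     bytes([10, 0, 0, 2]), bytes([192, 0, 2, 10])) + tcp
    return (PPP_ADDR_CTRL + struct.pack("!H", PPP_PROTO_IPV4) if ppp else b"") + ip

if __name__ == "__main__":
    for name, frame in [("ppp+tcp", build_sample()), ("raw ip", build_sample(ppp=False)),
                        ("ppp+udp", build_sample(proto=17)), ("truncated", build_sample()[:30])]:
        print(name, classify_outgoing(frame)["path"])
```

The claims do not give the format of the Layer 7 header, so the example stops at the destination and payload that such a header would carry.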

Claim 2

Original Legal Text

2. The method of claim 1, further comprising forwarding the outgoing data packet to a destination in accordance with the application protocol path and applying a network address translation process to the outgoing data packet based on the routing information prior to the packet being forwarded.

Plain English Translation

In the method described above for improving TCP performance by optimizing VPN tunnel connections, the system forwards the outgoing data packet to its destination using the application protocol path (the TCP proxy) mentioned previously. Before sending the packet, the method applies Network Address Translation (NAT) based on the routing information obtained during the PPP layer processing (when a PPP layer was present), ensuring the packet is correctly routed and that return traffic can find its way back.

Claim 3

Original Legal Text

3. The method of claim 1, wherein the processing the outgoing data packet in accordance with the access configuration path when the outgoing data packet does not include a PPP layer further comprises encapsulating the data of the outgoing data packet and a second IP layer with a security layer.

Plain English Translation

In the method described previously for improving TCP performance by optimizing VPN tunnel connections, when an outgoing data packet does *not* contain a PPP layer (meaning it's not using the VPN tunnel), the packet is processed via a standard access configuration path. This involves encapsulating the data of the outgoing packet with a second IP layer and a security layer, providing security for non-VPN traffic.

Claim 4

Original Legal Text

4. The method of claim 3, wherein the security layer is based on User Datagram Protocol (UDP) and Datagram Transport Layer Security (DTLS) security protocol or an Internet Protocol Security (IPSec) security protocol.

Plain English Translation

In the method that processes outgoing packets without a PPP layer by adding a security layer, the security layer uses either User Datagram Protocol (UDP) and Datagram Transport Layer Security (DTLS) or Internet Protocol Security (IPSec) to secure the data. This ensures secure communication for packets that are not routed through the optimized VPN tunnel.

Claim 5

Original Legal Text

5. The method of claim 1, wherein the data of the outgoing data packet is further encapsulated by an SSL layer, a second TCP layer, and a second IP layer.

Plain English Translation

The method improving TCP performance adds additional layers of encapsulation. The data of the outgoing packet is encapsulated with SSL (Secure Sockets Layer), a second TCP layer, and a second IP layer. This is in addition to any encapsulation performed by either the application protocol path (for VPN traffic) or the security layer (for non-VPN traffic), providing multiple layers of security and protocol handling.

Claim 6

Original Legal Text

6. A non-transitory machine readable medium having stored thereon instructions for improving Transmission Control Protocol (TCP) performance in network access, the instructions comprising machine executable code which when executed by at least one machine, causes the machine to perform steps comprising: detecting an encapsulated outgoing data packet; processing a Point to Point Protocol (PPP) layer in the outgoing data packet to obtain routing information for establishing a connection to a Virtual Private Network (VPN) tunnel and to determine when the PPP layer encapsulates at least TCP and Internet Protocol (IP) layers of the outgoing data packet; and when the PPP layer encapsulates at least TCP and IP layers of the outgoing data packet: removing the PPP layer including the encapsulated TCP and IP layers from the outgoing data packet; and processing the outgoing data packet in accordance with a locally driven application protocol path comprising encapsulating data of the outgoing data packet with a Layer 7 header in place of the removed PPP layer, wherein the application protocol path is configured to act as a TCP proxy connection over the VPN tunnel; and the steps further comprising: determining when the outgoing data packet does not include a PPP layer and processing the outgoing data packet in accordance with an access configuration path when the outgoing data packet does not include a PPP layer.

Plain English Translation

A non-transitory machine-readable medium stores instructions to improve TCP performance in network access. When executed, these instructions cause the machine to: detect outgoing data packets; if the packet uses a PPP layer to connect to a VPN, remove that layer. Instead of using PPP, the machine uses a locally-driven application protocol path to encapsulate data with a Layer 7 header, functioning as a TCP proxy over the VPN tunnel. If the outgoing packet lacks a PPP layer, it processes the packet using a standard access configuration path instead.

Claim 7

Original Legal Text

7. The machine readable medium of claim 6, further having stored thereon instructions comprising machine executable code which when executed by the at least one machine further causes the machine to perform steps further comprising forwarding the outgoing data packet to a destination in accordance with the application protocol path and applying a network address translation process to the outgoing data packet based on the routing information prior to the packet being forwarded.

Plain English Translation

In the non-transitory machine-readable medium with instructions to improve TCP performance by optimizing VPN tunnel connections, the instructions also cause the machine to forward the outgoing data packet to its destination via the application protocol path (TCP proxy). Before forwarding, it applies Network Address Translation (NAT) using the routing information obtained from the (removed) PPP layer (when present), ensuring proper routing.

Claim 8

Original Legal Text

8. The machine readable medium of claim 6, wherein the processing the outgoing data packet in accordance with the access configuration path when the outgoing data packet does not include a PPP layer further comprises encapsulating the data of the outgoing data packet and a second IP layer with a security layer.

Plain English Translation

The non-transitory machine-readable medium described previously, which improves TCP performance by optimizing VPN tunnel connections, stores instructions under which, when the outgoing data packet lacks a PPP layer, the packet is processed via a standard access configuration path. This path involves encapsulating the data of the outgoing packet and a second IP layer with a security layer, providing security for non-VPN traffic.

Claim 9

Original Legal Text

9. The machine readable medium of claim 8, wherein the security layer is based on User Datagram Protocol (UDP) and Datagram Transport Layer Security (DTLS) security protocol or an Internet Protocol Security (IPSec) security protocol.

Plain English Translation

In the non-transitory machine-readable medium that processes outgoing packets without a PPP layer by adding a security layer, the security layer uses either User Datagram Protocol (UDP) and Datagram Transport Layer Security (DTLS) or Internet Protocol Security (IPSec) to secure the data. This secures communication for packets not using the optimized VPN tunnel.

Claim 10

Original Legal Text

10. The machine readable medium of claim 6, wherein the data of the outgoing data packet is further encapsulated by an SSL layer, a second TCP layer, and a second IP layer.

Plain English Translation

The non-transitory machine-readable medium improving TCP performance includes instructions to add additional layers of encapsulation. The outgoing packet's data is further encapsulated with an SSL layer, a second TCP layer, and a second IP layer, providing multiple layers of security and protocol handling, supplementing either the VPN tunnel's proxy or the non-VPN traffic's security layer.

Claim 11

Original Legal Text

11. A client device comprising: a processor coupled to a memory and configured to be capable of executing programmed instructions for improving Transmission Control Protocol (TCP) performance in network access stored in the memory to perform steps comprising: detecting an encapsulated outgoing data packet; processing a Point to Point Protocol (PPP) layer in the outgoing data packet to obtain routing information for establishing a connection to a Virtual Private Network (VPN) tunnel and to determine when the PPP layer encapsulates at least TCP and Internet Protocol (IP) layers of the outgoing data packet; and when the PPP layer encapsulates at least TCP and IP layers of the outgoing data packet: removing the PPP layer including the encapsulated TCP and IP layers from the outgoing data packet; and processing the outgoing data packet in accordance with a locally driven application protocol path comprising encapsulating data of the outgoing data packet with a Layer 7 header in place of the removed PPP layer, wherein the application protocol path is configured to act as a TCP proxy connection over the VPN tunnel; and the steps further comprising: determining when the outgoing data packet does not include a PPP layer and processing the outgoing data packet in accordance with an access configuration path when the outgoing data packet does not include a PPP layer.

Plain English Translation

A client device improves TCP performance using programmed instructions. The device detects outgoing data packets; if a packet uses PPP for a VPN, it removes the PPP layer. Instead, the device uses a local application protocol path, encapsulating data with a Layer 7 header, acting as a TCP proxy over the VPN. If the packet lacks a PPP layer, it processes the packet using a standard access configuration path, providing a different routing and security mechanism.

Claim 12

Original Legal Text

12. The client device of claim 11, wherein the processor is further configured to be capable of executing programmed instructions stored in the memory to perform steps further comprising forwarding the outgoing data packet to a destination in accordance with the application protocol path and applying a network address translation process to the outgoing data packet based on the routing information prior to the packet being forwarded.

Plain English Translation

The client device described above, which improves TCP performance by optimizing VPN tunnel connections, also forwards outgoing data packets to their destination through the application protocol path (the TCP proxy). It applies Network Address Translation (NAT) using routing information from the (potentially removed) PPP layer to ensure proper routing.

Claim 13

Original Legal Text

13. The client device of claim 11, wherein the processing the outgoing data packet in accordance with the access configuration path when the outgoing data packet does not include a PPP layer further comprises encapsulating the data of the outgoing data packet and a second IP layer with a security layer.

Plain English Translation

In the client device that improves TCP performance through VPN optimization, when an outgoing data packet doesn't have a PPP layer (not using the VPN tunnel), the device uses a standard access configuration path. This path involves encapsulating the data and a second IP layer with a security layer, ensuring secure communication for traffic outside the VPN.

Claim 14

Original Legal Text

14. The client device of claim 13, wherein the security layer is based on User Datagram Protocol (UDP) and Datagram Transport Layer Security (DTLS) security protocol or an Internet Protocol Security (IPSec) security protocol.

Plain English Translation

This client device is engineered to boost TCP performance for network access. When the device encounters an outgoing data packet that *does not* contain a Point to Point Protocol (PPP) layer, it processes that packet through an alternative "access configuration path." In this path, the core data of the outgoing packet, along with a second Internet Protocol (IP) layer, is encapsulated within a dedicated security layer. This security layer provides protection for the data and can be implemented using either the User Datagram Protocol (UDP) in conjunction with the Datagram Transport Layer Security (DTLS) protocol, or by leveraging the Internet Protocol Security (IPSec) protocol. This ensures secure transmission even when the primary VPN tunneling proxy (for PPP-encapsulated TCP/IP) is not engaged.

Claim 15

Original Legal Text

15. The client device of claim 11, wherein the data of the outgoing data packet is further encapsulated by an SSL layer, a second TCP layer, and a second IP layer.

Plain English Translation

The client device improving TCP performance also adds extra encapsulation layers. The data of the outgoing packet is further encapsulated with an SSL layer, a second TCP layer, and a second IP layer, providing multiple levels of security and protocol management, in addition to either the VPN or non-VPN traffic handling.

Patent Metadata

Filing Date

Unknown

Publication Date

December 9, 2014

Inventors

Jonathan Chen
Saxon Amdahl
Andrey Shigapov

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “SYSTEM AND METHOD FOR HANDLING TCP PERFORMANCE IN NETWORK ACCESS WITH DRIVER INITIATED APPLICATION TUNNEL” (8908545). https://patentable.app/patents/8908545